By the way, never use the email address that comes with your ISP. It ties you into your ISP service and you will have to change your email address when you change ISPs. Get a GMail, Yahoo, or some other free email address for your personal email. Or better yet, let me register a domain for you. But I digress.
So ISPs usually provide email and do so without any protection. The idea is that anyone who is on their network would be known and trusted. In the case of the iPad they are figuring that the iPad is trusted. Untrusted computer can take advantage of open mail servers to send spam. The problem is that this model is no longer viable. If I use this open mail server to send mail from my personal domain then I have to register it as a trusted source for my email. Otherwise a smart mail server would look at my SPF DNS settings and know that the email is not really from me. It will probably think it is spam. All well-configured mail servers should look at SPF records and reject mail from falsified domains sources.
A good email server should also support SSL (TLS) to allow for an encrypted tunnel between my device and the server. You connect to your SMTP server using a different port and you have to provide a username and passowrd. If you were to use AT&T’s mail server then your email would be going out as plain text. This should not be too bad because it is encapsulated inside a 3G channel. Unfortunately 3G has been cracked. I would not use AT&T SMTP server for anything that you consider sensitive. AT&T certainly can see the contents of your correspondence.
Another problem with AT&T’s SMTP server cwmx.com (a.k.a. atlmail.cingularme.net) is that it it will only work while you are connected to AT&T’s network. Since the iPad is designed to dynamically switch between Wi-Fi and 3G this could be a problem. I had to create a username and password so it should be possible to set up authentication on the SMTP server.
I understand why they provide this service. I use a computer on a large computer network that also features an unprotected SMTP server that is only accessible from inside the network. In order to send email via that mail server I have to connect via VPN or use some other untrusted server. Then I’m back to the spoofing problem that SPF technologies is designed the thwart. So the open SMTP server is there out of necessity. Don’t use it. Don’t get sucked into thinking it is a good idea to use. Thank you AT&T but not thanks for this service.